96 lines
2.8 KiB
JavaScript
96 lines
2.8 KiB
JavaScript
const uuid = require('uuid/v1');
|
|
const utils = require("../../utils/utils.js")
|
|
const keccak = require('keccakjs');
|
|
|
|
const ERROR_OBJ = {error: __('Wrong authentication token. Get your token from the Embark console by typing `token`')};
|
|
|
|
class Authenticator {
|
|
constructor(embark, _options) {
|
|
this.authToken = uuid();
|
|
this.embark = embark;
|
|
this.logger = embark.logger;
|
|
this.events = embark.events;
|
|
|
|
this.registerCalls();
|
|
this.registerEvents();
|
|
}
|
|
|
|
generateRequestHash(req) {
|
|
let cnonce = req.headers['x-embark-cnonce'];
|
|
let hash = new keccak();
|
|
let url = req.url;
|
|
let queryParamIndex = url.indexOf('?');
|
|
url = url.substring(0, queryParamIndex !== -1 ? queryParamIndex : url.length)
|
|
|
|
hash.update(cnonce);
|
|
hash.update(this.authToken);
|
|
hash.update(req.method);
|
|
hash.update(url);
|
|
return hash.digest('hex');
|
|
}
|
|
|
|
registerCalls() {
|
|
let self = this;
|
|
|
|
this.embark.registerAPICall(
|
|
'post',
|
|
'/embark-api/authenticate',
|
|
(req, res) => {
|
|
let hash = self.generateRequestHash(req);
|
|
if(hash !== req.headers['x-embark-request-hash']) {
|
|
this.logger.warn(__('Someone tried and failed to authenticate to the backend'));
|
|
this.logger.warn(__('- User-Agent: %s', req.headers['user-agent']));
|
|
this.logger.warn(__('- Referer: %s', req.headers.referer));
|
|
return res.send(ERROR_OBJ);
|
|
}
|
|
res.send({});
|
|
}
|
|
);
|
|
|
|
this.embark.registerConsoleCommand((cmd, _options) => {
|
|
return {
|
|
match: () => cmd === "token",
|
|
process: (callback) => {
|
|
callback(null, __('Your authentication token: %s \nYou can use the command `copytoken` to copy the authentication token to your clipboard', this.authToken));
|
|
}
|
|
};
|
|
});
|
|
|
|
this.embark.registerConsoleCommand((cmd, _options) => {
|
|
return {
|
|
match: () => cmd === "copytoken",
|
|
process: (callback) => {
|
|
utils.copyToClipboard(this.authToken)
|
|
callback(null, __('Token copied to clipboard: %s', this.authToken));
|
|
}
|
|
};
|
|
});
|
|
|
|
}
|
|
|
|
registerEvents() {
|
|
let self = this;
|
|
|
|
this.events.once('outputDone', () => {
|
|
const {port, host} = this.embark.config.webServerConfig;
|
|
this.logger.info(__('Access the web backend with the following url: %s',
|
|
(`http://${host}:${port}/embark?token=${this.authToken}`.underline)));
|
|
});
|
|
|
|
this.events.setCommandHandler('authenticator:authorize', (req, res, cb) => {
|
|
let authenticated = false;
|
|
if(!res.send) {
|
|
authenticated = (this.authToken === req.protocol);
|
|
} else {
|
|
let hash = self.generateRequestHash(req);
|
|
authenticated = (hash === req.headers['x-embark-request-hash']);
|
|
}
|
|
|
|
if(authenticated) return cb();
|
|
cb(ERROR_OBJ);
|
|
});
|
|
}
|
|
}
|
|
|
|
module.exports = Authenticator;
|